RubyGems - bsm-rails-api - Versions diffs - 0.2.1 - Mend

bsm-rails-api 0.2.1

Files changed (5) hide show

checksums.yaml +7 -0
data/lib/bsm/rails_api/authorization.rb +67 -0
data/lib/bsm/rails_api.rb +10 -0
data/lib/bsm-rails-api.rb +1 -0
metadata +122 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8a942ceff62e17de023a3e4fd5ef334080410bdb
+  data.tar.gz: 79d9c3f85caa0102c788faad1f3ef13919b1f052
+SHA512:
+  metadata.gz: 1559658a1ff562820e1d35137543bfaeb4ca9766c5a643300db783b426db50bb2c6eccca4b07eeffb5747e027076a7d6a1ccb88d902430a76f1bce4995c880bc
+  data.tar.gz: b4208dce344117e471e9717c849023804292891ca284597a006e71ab8b6b2af38607e695adb94944fedf6372ad85826faa53c028a5a0b5e8c4486cd7a3c13d38

data/lib/bsm/rails_api/authorization.rb ADDED Viewed

@@ -0,0 +1,67 @@
+require 'active_support/concern'
+module BSM::RailsAPI::Authorization
+  extend ActiveSupport::Concern
+  class NotSecure < StandardError
+  end
+  included do
+    after_filter :ensure_permit_access_authorized!
+  end
+  class_methods do
+    # Manage access permissions.
+    # Assumptions:
+    #
+    #  * users are already authenticated
+    #  * controller has a method called current_user which returns a user record
+    #  * the user has a `#kind` method which returns a string, e.g. 'employee' or 'client'
+    #  * the user has a `#roles` method which returns an array of strings, e.g. ['app:some:role', 'app:other:role']
+    #
+    # Example:
+    #
+    #   permit_access :read, employee: :all, client: ["app:custom:role"]
+    #   permit_access :manage, :destroy, employee: ["app:admin"]
+    #
+    def permit_access(*actions)
+      opts = actions.extract_options!
+      acts = actions.map do |name|
+        case name
+        when :read   then [:index, :show]
+        when :manage then [:create, :update]
+        else name.to_sym
+        end
+      end.flatten.uniq
+      before_action only: acts do |ctrl|
+        user = ctrl.send(:current_user)
+        ctrl.send :unauthorized! unless user
+        reqs = opts[user.kind.to_sym]
+        ctrl.send :unauthorized! if reqs != :all && (Array.wrap(reqs) & user.roles).empty?
+        ctrl.send :instance_variable_set, :@_bsm_rails_api_authorized, true
+      end unless acts.empty?
+    end
+  end
+  protected
+    # Render a 403
+    def unauthorized!
+      render text: "Unauthorized", status: 403
+    end
+  private
+    # Callback to ensure we have actually granted the user permission
+    # to access a resource via permit_access
+    def ensure_permit_access_authorized!
+      unless @_bsm_rails_api_authorized
+        raise NotSecure, "This action failed because permit_access filters were not run. Add permit_access to secure this endpoint."
+      end
+    end
+end

data/lib/bsm/rails_api.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module BSM
+  module RailsAPI
+  end
+end
+%w|
+  authorization
+|.each do |name|
+  require "bsm/rails_api/#{name}"
+end

data/lib/bsm-rails-api.rb ADDED Viewed

	@@ -0,0 +1 @@
1	+ require 'bsm/rails_api'

metadata ADDED Viewed

@@ -0,0 +1,122 @@
+--- !ruby/object:Gem::Specification
+name: bsm-rails-api
+version: !ruby/object:Gem::Version
+  version: 0.2.1
+platform: ruby
+authors:
+- Dimitrij Denissenko
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-04-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.2.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 5.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.2.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 5.0.0
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ''
+email: dimitrij@blacksqaremedia.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/bsm-rails-api.rb
+- lib/bsm/rails_api.rb
+- lib/bsm/rails_api/authorization.rb
+homepage: https://github.com/bsm/rails-api
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.8.0
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.6
+signing_key:
+specification_version: 4
+summary: BSM's Rails API helpers
+test_files: []